Howdy,

The IAB program for priv= acy and security (https://www.iab.org/activities/programs/privacy-an= d-security-program/) has a document requirement for a threat model docu= ment describing the confidentiality issues around surveillance.=C2=A0 In ot= her words, it looked to be about to duplicate some of the work already done= around this. To avoid that duplication of effort, and after some discussio= n with the IESG, the program has adopted this draft and plans to progress i= t along the IAB track.=C2=A0

We plan to address the comments already raised on the topic by Christia= n Huitema, Brian Trammel, and Stephane Bortzmeyer, along with incorporating= some additional work on metadata analysis.=C2=A0 Further comments on the d= raft or its successors can be sent to the authors or the IAB program list (= privsec-program@iab.org).=C2= =A0

regards,

Ted Hardie

--001a11c3146cc077e304fdc6ebb5-- From nobody Tue Jul 15 11:25:17 2014 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A61D71A0AFF for ; Tue, 15 Jul 2014 11:25:15 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.551 X-Spam-Level: X-Spam-Status: No, score=-2.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.651] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h1no5cxuns8v for ; Tue, 15 Jul 2014 11:25:14 -0700 (PDT) Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id D8FE11A0AD9 for ; Tue, 15 Jul 2014 11:25:13 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id F3A82BE49; Tue, 15 Jul 2014 19:25:12 +0100 (IST) X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1C9WCQ20wyPm; Tue, 15 Jul 2014 19:25:12 +0100 (IST) Received: from [10.87.48.5] (unknown [86.44.79.39]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id E162FBDD7; Tue, 15 Jul 2014 19:25:11 +0100 (IST) Message-ID: <53C57207.3020903@cs.tcd.ie> Date: Tue, 15 Jul 2014 19:25:11 +0100 From: Stephen Farrell User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: perpass X-Enigmail-Version: 1.6 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/drLrD5wtgBORx49tDQ4Jdvvp-8A Cc: "" Subject: [perpass] DHCP privacy considerations X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 15 Jul 2014 18:25:15 -0000 Hiya, The DHC wg are in the process of re-chartering which triggered a side-discussion on the IESG list with the chairs about DHCP and possible information leakage. That is not any sort of pre-requisite for re-chartering since its pretty much covered by the current charter but after chatting the wg chairs figured it might be worthwhile to raise the topic in Toronto and on their list and see if there are folks who'd be interested in helping out with a bit of work on e.g. documenting DHCP privacy considerations. If that's of interest to you, and you have the time and expertise, please volunteer to help. Mailing the chairs would be the way to go for that- they're cc'd on this. BTW, the DHC WG meeting is Wednesday at 0900. I've a conflict for some of that time so may miss the slot. (As always, offering to help will likely be appreciated, whereas telling the WG their protocol isn't perfect is likely less useful, so use judgement in helping:-) Cheers, S. From nobody Tue Jul 15 22:39:38 2014 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2B3B81A02DA for ; Tue, 15 Jul 2014 22:39:36 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -0.001 X-Spam-Level: X-Spam-Status: No, score=-0.001 tagged_above=-999 required=5 tests=[BAYES_40=-0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hNq8XCWS23QE for ; Tue, 15 Jul 2014 22:39:34 -0700 (PDT) Received: from xsmtp11.mail2web.com (xsmtp31.mail2web.com [168.144.250.234]) (using TLSv1 with cipher AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 771DC1A02D9 for ; Tue, 15 Jul 2014 22:39:34 -0700 (PDT) Received: from [10.5.2.52] (helo=xmail12.myhosting.com) by xsmtp11.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from ) id 1X7Hw9-000181-FR for perpass@ietf.org; Wed, 16 Jul 2014 01:39:33 -0400 Received: (qmail 8706 invoked from network); 16 Jul 2014 05:39:28 -0000 Received: from unknown (HELO HUITEMA5) (Authenticated-user:_huitema@huitema.net@[24.16.156.113]) (envelope-sender ) by xmail12.myhosting.com (qmail-ldap-1.03) with ESMTPA for ; 16 Jul 2014 05:39:27 -0000 From: "Christian Huitema" To: "'Stephen Farrell'" , "'perpass'" References: <53C57207.3020903@cs.tcd.ie> In-Reply-To: <53C57207.3020903@cs.tcd.ie> Date: Tue, 15 Jul 2014 22:39:26 -0700 Message-ID: <1b0001cfa0b8$4f303620$ed90a260$@huitema.net> MIME-Version: 1.0 Content-Type: text/plain; charset="Windows-1252" Content-Transfer-Encoding: 7bit X-Mailer: Microsoft Outlook 15.0 Content-Language: en-us Thread-Index: AQKHe0++tN3aQLG5LZAoRvLvnX0atZoyeWQg Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/XSoz5nFDkW_RRuFy3gljlVKj7d8 Cc: dhc-chairs@tools.ietf.org Subject: Re: [perpass] DHCP privacy considerations X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 05:39:36 -0000 > The DHC wg are in the process of re-chartering which > triggered a side-discussion on the IESG list with the > chairs about DHCP and possible information leakage. I spent some time analyzing DHCP issues, and summed up the results in this draft: http://www.ietf.org/id/draft-huitema-perpass-dhcp-identifiers-00.txt Sorry, won't be in Toronto. -- Christian Huitema From nobody Wed Jul 16 13:41:12 2014 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 964111A02E8 for ; Wed, 16 Jul 2014 13:41:11 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2 X-Spam-Level: X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZpvKX8pSCfvM for ; Wed, 16 Jul 2014 13:41:10 -0700 (PDT) Received: from mail-pd0-x22d.google.com (mail-pd0-x22d.google.com [IPv6:2607:f8b0:400e:c02::22d]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2A1A91A02C1 for ; Wed, 16 Jul 2014 13:41:10 -0700 (PDT) Received: by mail-pd0-f173.google.com with SMTP id w10so1826940pde.4 for ; Wed, 16 Jul 2014 13:41:09 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=SPedjsznrjGggYJbXfsXjQRph6Iptx8XZomelx2ouOM=; b=Aa9AP7yar3Dli0m4lJxXYrjDsYQg5e7HRI2l9hCa0iPTyJ1nGxuyWazohxsg5DQ7xj 7TTyMqZ7s3nv8gMJz8HkGOPnvS5ax7OGkBxflTHAyzNi9qRS6udEKMVO9UrQnQ66YAqA yL4q2RDaWcAw0fvspDRFjHmjt3n+52P7iZoeJIb2oE5WnauBQibzzOujRs4upWvIrIzC 5njG5Dj+EDWH9d6bn4FmarjV11nxqj4N5pMiTJVxET8v1uiozehgInOEy4gDjnTGAq7C Glomy/D4ZmbuonRCxOMcAaMAz79pRu/kYE9BXR2eHDyfVQyFLytFBCR8/wD+xQ0wYvpB /ZVQ== X-Received: by 10.70.126.130 with SMTP id my2mr18584155pdb.124.1405543269876; Wed, 16 Jul 2014 13:41:09 -0700 (PDT) Received: from [192.168.2.235] (c-67-188-1-12.hsd1.ca.comcast.net. [67.188.1.12]) by mx.google.com with ESMTPSA id hs5sm247785pbb.92.2014.07.16.13.41.08 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 16 Jul 2014 13:41:09 -0700 (PDT) Content-Type: text/plain; charset=us-ascii Mime-Version: 1.0 (Mac OS X Mail 7.3 $1878.6$) From: Douglas Otis In-Reply-To: <53C57207.3020903@cs.tcd.ie> Date: Wed, 16 Jul 2014 13:41:07 -0700 Content-Transfer-Encoding: quoted-printable Message-Id: References: <53C57207.3020903@cs.tcd.ie> To: Stephen Farrell X-Mailer: Apple Mail (2.1878.6) Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/y4dnIWFbJgJ8KJG7AGqJ_rvXy-8 Cc: "" , perpass , Douglas Otis Subject: Re: [perpass] DHCP privacy considerations X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 20:41:11 -0000 On Jul 15, 2014, at 11:25 AM, Stephen Farrell = wrote: >=20 > Hiya, >=20 > The DHC wg are in the process of re-chartering which > triggered a side-discussion on the IESG list with the > chairs about DHCP and possible information leakage. >=20 > That is not any sort of pre-requisite for re-chartering > since its pretty much covered by the current charter > but after chatting the wg chairs figured it might be > worthwhile to raise the topic in Toronto and on their > list and see if there are folks who'd be interested > in helping out with a bit of work on e.g. documenting > DHCP privacy considerations. >=20 > If that's of interest to you, and you have the time > and expertise, please volunteer to help. Mailing the > chairs would be the way to go for that- they're cc'd > on this. >=20 > BTW, the DHC WG meeting is Wednesday at 0900. I've a > conflict for some of that time so may miss the slot. > (As always, offering to help will likely be appreciated, > whereas telling the WG their protocol isn't perfect > is likely less useful, so use judgement in helping:-) Dear Stephen,=20 Similar considerations may also pertain to hybrid mDNS which is intended = to automatically transfer mDNS resources into DNS to convey resources = beyond the local link to overcome bridge multicast limitations. Regards, Douglas Otis= From nobody Wed Jul 16 14:13:44 2014 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3A701A005D for ; Wed, 16 Jul 2014 14:13:42 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: -2.551 X-Spam-Level: X-Spam-Status: No, score=-2.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-0.651] autolearn=ham Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SI5VDzoSXJ4U for ; Wed, 16 Jul 2014 14:13:41 -0700 (PDT) Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) by ietfa.amsl.com (Postfix) with ESMTP id CAF5E1A02D2 for ; Wed, 16 Jul 2014 14:13:40 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id BC9F8BEB5; Wed, 16 Jul 2014 22:13:39 +0100 (IST) X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l-Iixrt6zAkE; Wed, 16 Jul 2014 22:13:38 +0100 (IST) Received: from [10.87.48.5] (unknown [86.45.49.186]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id B481CBE98; Wed, 16 Jul 2014 22:13:38 +0100 (IST) Message-ID: <53C6EB02.2070106@cs.tcd.ie> Date: Wed, 16 Jul 2014 22:13:38 +0100 From: Stephen Farrell User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.6.0 MIME-Version: 1.0 To: Douglas Otis References: <53C57207.3020903@cs.tcd.ie> In-Reply-To: X-Enigmail-Version: 1.6 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/g8a9BMbRdX4Rx1KOZfyu5NulRCs Cc: perpass Subject: Re: [perpass] DHCP privacy considerations X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Jul 2014 21:13:42 -0000 Hi Doug, (dropping dhc chairs for now) On 16/07/14 21:41, Douglas Otis wrote: > Similar considerations may also pertain to hybrid mDNS which is > intended to automatically transfer mDNS resources into DNS to convey > resources beyond the local link to overcome bridge multicast > limitations. Sure, and I guess those issues will be discussed on the homenet wg list. iast I looked It didn't look to me like the wg were yet at the point where it'd make sense to consider that though, but if you're following the wg and want to post a pointer here at the right time that'd be great. S. From nobody Sat Jul 19 02:48:04 2014 Return-Path: X-Original-To: perpass@ietfa.amsl.com Delivered-To: perpass@ietfa.amsl.com Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B00CE1A0377 for ; Sat, 19 Jul 2014 02:48:02 -0700 (PDT) X-Virus-Scanned: amavisd-new at amsl.com X-Spam-Flag: NO X-Spam-Score: 1.147 X-Spam-Level: * X-Spam-Status: No, score=1.147 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HELO_EQ_FR=0.35, RP_MATCHES_RCVD=-0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ehsDZhzwd8Ks for ; Sat, 19 Jul 2014 02:48:01 -0700 (PDT) Received: from givry.fdupont.fr (givry.fdupont.fr [IPv6:2001:41d0:1:6d55:211:5bff:fe98:d51e]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 04DB31A0360 for ; Sat, 19 Jul 2014 02:48:00 -0700 (PDT) Received: from givry.fdupont.fr (localhost [127.0.0.1]) by givry.fdupont.fr (8.14.3/8.14.3) with ESMTP id s6J9luWJ092189; Sat, 19 Jul 2014 11:47:56 +0200 (CEST) (envelope-from dupont@givry.fdupont.fr) Message-Id: <201407190947.s6J9luWJ092189@givry.fdupont.fr> From: Francis Dupont To: Stephen Farrell In-reply-to: Your message of Tue, 15 Jul 2014 19:25:11 BST. <53C57207.3020903@cs.tcd.ie> Date: Sat, 19 Jul 2014 11:47:56 +0200 Sender: Francis.Dupont@fdupont.fr Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/g-xgN31o8LyCr_DrFy7Q8t52ymE Cc: perpass , "" Subject: Re: [perpass] DHCP privacy considerations X-BeenThere: perpass@ietf.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 19 Jul 2014 09:48:02 -0000 In your previous mail you wrote: > The DHC wg are in the process of re-chartering which > triggered a side-discussion on the IESG list with the > chairs about DHCP and possible information leakage. => IMHO the real (and only) question is about which information. As DHCP is essentially vulnerable on the link, I join Christian Huitema in the idea the things we could want to protect are the identifiers. Regards Francis.Dupont@fdupont.fr